[CLSA-2026:1777946242] php: Fix of 13 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-05 01:57:28 UTC
Description:
- CVE-2018-14883: fix int overflow leading to heap overflow in exif_thumbnail_extract - CVE-2019-6977: fix imagecolormatch out-of-bounds write on heap in GD - CVE-2019-9022: fix memcpy with negative length via crafted DNS response - CVE-2019-9640: fix invalid read in exif_process_SOFn - CVE-2019-11042: fix heap buffer overflow in exif_process_user_comment - CVE-2019-9638, CVE-2019-9639: fix uninitialized read in exif_process_IFD_in_MAKERNOTE (single upstream commit covers both) - CVE-2019-9637: safer rename() procedure to avoid permission leak on EXDEV cross-filesystem fallback - CVE-2019-19246: fix Oniguruma out-of-bounds read in str_lower_case_match - CVE-2019-9024: fix xmlrpc base64 out-of-bounds read via unsigned char cast - CVE-2018-20783: fix phar_parse_pharfile buffer over-read via stricter manifest bounds checks - CVE-2018-19518: disable rsh/ssh logins in imap_open by default (new no_rsh/no_ssh INI entries) - CVE-2018-19935: fix imap_mail NULL pointer dereference on empty message parameter
Updated packages:
  • php-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:3656df09ccf3eaaf557f76ba5effc5da25837ed7892626b938b212014fe2397e
  • php-bcmath-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:5c79b36519affa97fe880a7c1c00919548d31edd3d64de1ab1a917c7b197dee1
  • php-cli-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:6fc8ab53b4e2da0f1fadfdafe0edef2608b5f9eab04bece54739ab24c6121985
  • php-common-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:d6fefed5b930e3dcc7ea37afe89edc10e502178161847ae161d262eb07faf772
  • php-dba-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:6c36fe2a260f37eeb0e37e04de474083eafcddd28ffdccffb2c0556a8dad8747
  • php-devel-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:186e61c400fa48af5cf76264de8f2f28eae5034cabc6674aec2725d71141aaaf
  • php-embedded-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:3950ebe8aab36eb71070322578ed0b202475e749d968b254489784780005e465
  • php-enchant-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:4efceff72041f79f8d3b3ef9f9f8a369b4448fb3eadd79e4c12dac9d52ad1fa6
  • php-fpm-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:a590c367ede6e8d5248a5eafa4e5039195f3db2231f318d0fdf1fb854416591d
  • php-gd-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:e1a42910cb429bcecce4f23ee3f9fe08d322613ad2c56b5dbac0e103ddc6b123
  • php-imap-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:630fe34ed9fde07b55bb5dc16b33a504ca6fdda74ba7d48c85228ed6f54990ac
  • php-intl-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:d72693312d2a1872c1c34d090689e3a92d7aa2348943ee9cc7e1254be9045a11
  • php-ldap-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:bd3b90e99280d05c44cf274cd9be6bd15cebaf4137ae9f68c437a4089faed44f
  • php-mbstring-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:bd7344ff11d995b27c33b1a29aee536e01462b3e8b3008eea80b0abc9961ab7e
  • php-mysql-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:a394a76312ee74b141ef0bbf8e32731d24d32a4e941051bb74d5d60ffda80f9b
  • php-odbc-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:7fdb12761c43fa93ac4fc9e72db29ebb5cdf8291488f257eaed0d55a59e311d4
  • php-pdo-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:4ac860e206a0644c60aab9aec3fa5740174847b4460e3d9b6a401501174e00dc
  • php-pgsql-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:2b6b489c923a3c20ec878b869b535bfa36b98d361bbd6d3cd509b84e944b0ac7
  • php-process-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:4a150ea63c1b43791763c7b1131ff986584a4623ab96bd89b2416f15fee030b1
  • php-pspell-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:27b5f7e86902116508968bcfe04e5b55568f5453d5ad827d361c08a61f374f04
  • php-recode-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:e054c454989446677ec1fea840a50a58b2e43a368317ad84030bdd0457ed024a
  • php-snmp-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:3ed6407fdb2c69f162b4e9d7f09c99bbab788646695082996ff78bfc30f9bf81
  • php-soap-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:cbdc79809e8e699974035e4bedbc39a7844d45101e4d33f774bedba8236be8e7
  • php-tidy-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:6a2677da6e69d91397e36c6e8adaa0084fdae7ab3de7dae2f45c3298cf0371b6
  • php-xml-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:a9f4720932b42c2a298c86d0bd8d762eb9b3af2ab4264064a6982a98225fc6da
  • php-xmlrpc-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:15c0344e781a50c12ca4b7d1f7b432a6d103b69452e3530fa10ab77d1d5d6a69
  • php-zts-5.3.3-50.el6_10.tuxcare.ol.els20.x86_64.rpm
    sha:1ec07e927c065ce8b9fce350ed439d77aa6d8f8a47eee7283499f97d61c0a011
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.